Senior IT GRC Consultant

Overview

Remote
Hybrid
$70 - $80
Contract - W2
Contract - Independent
Contract - 12 Month(s)

Skills

Risk Management
Governance
GRC

Job Details

We are seeking an experienced Senior IT Governance, Risk, and Compliance (GRC) Consultant to lead and support enterprise-wide risk management, compliance, and governance initiatives. The ideal candidate will have strong expertise in IT controls, regulatory frameworks, and risk assessments, and will partner closely with business, security, audit, and technology teams to ensure compliance with industry standards and regulatory requirements.

Key Responsibilities

  • Lead IT GRC initiatives including risk assessments, control design, implementation, and monitoring.

  • Develop, maintain, and enhance IT policies, standards, procedures, and governance frameworks.

  • Assess and manage technology risks related to infrastructure, applications, cloud, data, and third-party vendors.

  • Ensure compliance with regulatory and industry frameworks such as SOX, ISO 27001, NIST, COBIT, PCI-DSS, HIPAA, and GDPR (as applicable).

  • Support internal and external audits by preparing documentation, evidence, and remediation plans.

  • Perform gap assessments and maturity evaluations of security and IT control environments.

  • Advise stakeholders on risk mitigation strategies and control improvements.

  • Oversee third-party risk management and vendor security assessments.

  • Track and report on risk issues, remediation efforts, and compliance status to leadership.

  • Collaborate with cybersecurity, IT operations, legal, and business teams to align risk management with business objectives.

  • Mentor junior GRC team members and provide subject matter expertise.

Required Qualifications

  • Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or a related field.

  • 8+ years of experience in IT Governance, Risk, and Compliance or information security.

  • Strong knowledge of IT controls, risk management methodologies, and compliance requirements.

  • Hands-on experience with GRC tools (e.g., Archer, ServiceNow GRC, OneTrust, LogicGate, or similar).

  • Experience supporting audits, compliance assessments, and regulatory examinations.

  • Excellent analytical, documentation, and communication skills.

Preferred Qualifications

  • Professional certifications such as CISA, CRISC, CISSP, CGEIT, ISO 27001 Lead Implementer/Auditor, or PMP.

  • Experience in cloud risk and compliance (AWS, Azure, Google Cloud Platform).

  • Knowledge of data privacy and third-party risk management programs.

  • Prior consulting experience in large enterprise or regulated environments.

Key Skills

  • IT Risk Management

  • Regulatory Compliance

  • Policy and Control Development

  • Audit and Assurance

  • Stakeholder Management

  • Technical Documentation

  • GRC Tools and Reporting

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.